Ransomware gets an Upgrade

Monday, August 25, 2014 @ 12:08 PM gHale

The usual distribution method for the malware is a drive-by download when a victim visits a site full of software vulnerabilities, said researchers at security provider Avast. Once the computer is infected, victims are helpless. The ransomware then demands around $200 for the victim to get the computer back.

The version of Reveton analyzed by Avast also has another password stealer from the Papras family of malware. It’s not as effective as Pony but can disable security programs, researchers said in a blog post.

One sample of Reveton was pre-programmed to search a web browser’s history and cookies to see if the user had visited the online sites of 17 German banks, the company wrote.

Avast said the developers may have added the capabilities because of falling profits from locking computers to gain ransom money. The developers have “decided to enter into a new black business area,” the researchers said.